modiloader | 1f861b6c1c3788d3273c1d7dc36b6dfa488abbcc9844261b0b7c44992e18bb5e | Triage

Submit
Reports

Overview

overview

Static

static

1

winprofile

windows7-x64

winprofile

windows10-1703-x64

6

Sharing

General

Target

1f861b6c1c3788d3273c1d7dc36b6dfa488abbcc9844261b0b7c44992e18bb5e
Size

2.0MB
Sample

230330-kd18aadc31
MD5

4c6f8659b10f1ed181e8bd32d7f9d3c9
SHA1

b7524cad4667537fb31f1870c92b5e3e8ad66579
SHA256

1f861b6c1c3788d3273c1d7dc36b6dfa488abbcc9844261b0b7c44992e18bb5e
SHA512

986fbebd04b601fafb844ff4e7c2edc0231901c68ad340996238d73a6c143527f0e531a3b31147461b091b21b3feeeb175be526e9b8888a66f940f01d3ba8fd4
SSDEEP

49152:e1Z2EHQt1F39ckIP6oERpVW6KlFjTCxkpKHY5Y:e1HE1F39/IPSpV8fXjK

Score

10^/10

modiloader persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

1f861b6c1c3788d3273c1d7dc36b6dfa488abbcc9844261b0b7c44992e18bb5e.exe

Resource

win7-20230220-en

modiloader persistence trojan

windows7-x64

8 signatures

300 seconds

Behavioral task

behavioral2

Sample

1f861b6c1c3788d3273c1d7dc36b6dfa488abbcc9844261b0b7c44992e18bb5e.exe

Resource

win10-20230220-en

windows10-1703-x64

4 signatures

300 seconds

Malware Config

Targets

- Target
  
  1f861b6c1c3788d3273c1d7dc36b6dfa488abbcc9844261b0b7c44992e18bb5e
- Size
  
  2.0MB
- MD5
  
  4c6f8659b10f1ed181e8bd32d7f9d3c9
- SHA1
  
  b7524cad4667537fb31f1870c92b5e3e8ad66579
- SHA256
  
  1f861b6c1c3788d3273c1d7dc36b6dfa488abbcc9844261b0b7c44992e18bb5e
- SHA512
  
  986fbebd04b601fafb844ff4e7c2edc0231901c68ad340996238d73a6c143527f0e531a3b31147461b091b21b3feeeb175be526e9b8888a66f940f01d3ba8fd4
- SSDEEP
  
  49152:e1Z2EHQt1F39ckIP6oERpVW6KlFjTCxkpKHY5Y:e1HE1F39/IPSpV8fXjK
Score

10^/10

modiloader persistence trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader First Stage
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

modiloaderpersistencetrojan

behavioral2

© 2018-2024

Terms | Privacy